<?php

class AppController extends Controller {
	public function beforeFilter() {
		if (isset($this->Auth)) {
			$this->Auth->userScope = array('User.enabled' => 1);
			$this->Auth->fields = array('username' => 'email', 'password' => 'password');
			$this->Auth->authorize = 'controller';
		}
		
		$this->set('currentUserEmail', $this->Auth->user('email'));
		$this->set('currentUserId', $this->Auth->user('id'));
		if ($this->Auth->user('group') == "admin") {
			$this->set('isAdmin', true);
		} else {
			$this->set('isAdmin', false);
		}
	}
	
	public function isAuthorized() {
		$allowedActions = array(
			'users' => array(
				'index' => array('admin'),
				'view' => array('admin'),
				'add' => array('admin'),
				'edit' => array('admin'),
				'delete' => array('admin'),
				'logout' => array('admin', 'user'),
			),
			'orders' => array(
				'index' => array('admin'),
				'indexUser' => array('admin', 'user'),
				'indexNew' => array('admin'),
				'indexInProgress' => array('admin'),
				'indexPreordered' => array('admin'),
				'indexOnSite' => array('admin'),
				'indexCleared' => array('admin'),
				'view' => array('admin', 'user'),
				'add' => array('admin', 'user'),
				'edit' => array('admin'),
				'delete' => array('admin'),
			),
		);
		
		if(isset($allowedActions[low($this->name)])) {
			$controllerActions = $allowedActions[low($this->name)];
			if(isset($controllerActions[$this->action]) &&
				in_array($this->Auth->user('group'), $controllerActions[$this->action])) {
				return true;
			}
		}
		
		return false;
	}
}

?>